291 0

Dynamic Binary Instrumentation을 활용한 악성코드 분류

Title
Dynamic Binary Instrumentation을 활용한 악성코드 분류
Other Titles
Malware Classification Method using Dynamic Binary Instrumentation
Author
왕러
Alternative Author(s)
Le Wang
Advisor(s)
임을규
Issue Date
2017-08
Publisher
한양대학교
Degree
Master
Abstract
With the rapid development of Internet, malware has become increasingly serious in the field of computer security. Nowadays, most existing antivirus software use signature-based methods to detect malware. However, traditional signature-based method cannot detect malware effectively, which are processed by obfuscation technique. Thus, in order to address these problems above, we propose a detection system for malware, which uses dynamic binary instrumentation (DBI). We selected Intel Pin as our DBI tools to dynamically extract instructions. The extracted instruction sequences are converted into histogram date files, and make a similarity comparison among these files using normalized cross correlation algorithm. Experiment results show that the dynamic detection system can effectively distinguish malware and benign software. Keywords: Computer Security
Dynamic Analysis
Binary Instrumentation
Instruction sequence
Malware
URI
http://hdl.handle.net/20.500.11754/33669http://hanyang.dcollection.net/common/orgView/200000430931
Appears in Collections:
GRADUATE SCHOOL[S](대학원) > COMPUTER SCIENCE(컴퓨터·소프트웨어학과) > Theses (Ph.D.)
Files in This Item:
There are no files associated with this item.
Export
RIS (EndNote)
XLS (Excel)
XML


qrcode

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

BROWSE